CVE-2021-31891 - OpenCVE

A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Siemens	Desigo Cc Gma-manager Operation Scheduler Siveillance Control Siveillance Control Pro

Configuration 1 [-]

OR	cpe:2.3:a:siemens:desigo_cc::::::::
	cpe:2.3:a:siemens:siveillance_control_pro::::::::

Configuration 2 [-]

AND

OR	cpe:2.3:a:siemens:gma-manager::::::::
	cpe:2.3:a:siemens:operation_scheduler::::::::
	cpe:2.3:a:siemens:siveillance_control::::::::

cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2021-09-14T10:47:31

Updated: 2024-08-03T23:10:30.639Z

Reserved: 2021-04-29T00:00:00

Link: CVE-2021-31891

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-09-14T11:15:24.023

Modified: 2021-09-28T16:48:53.480

Link: CVE-2021-31891

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Desigo CC", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions with OIS Extension Module"}]}, {"product": "GMA-Manager", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions with OIS running on Debian 9 or earlier"}]}, {"product": "Operation Scheduler", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions with OIS running on Debian 9 or earlier"}]}, {"product": "Siveillance Control", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions with OIS running on Debian 9 or earlier"}]}, {"product": "Siveillance Control Pro", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-14T10:47:31", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2021-31891", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Desigo CC", "version": {"version_data": [{"version_value": "All versions with OIS Extension Module"}]}}, {"product_name": "GMA-Manager", "version": {"version_data": [{"version_value": "All versions with OIS running on Debian 9 or earlier"}]}}, {"product_name": "Operation Scheduler", "version": {"version_data": [{"version_value": "All versions with OIS running on Debian 9 or earlier"}]}}, {"product_name": "Siveillance Control", "version": {"version_data": [{"version_value": "All versions with OIS running on Debian 9 or earlier"}]}}, {"product_name": "Siveillance Control Pro", "version": {"version_data": [{"version_value": "All versions"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:10:30.639Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-31891", "datePublished": "2021-09-14T10:47:31", "dateReserved": "2021-04-29T00:00:00", "dateUpdated": "2024-08-03T23:10:30.639Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:desigo_cc:*:*:*:*:*:*:*:*", "matchCriteriaId": "90D75ECA-E171-42BD-A475-A1DD4B9BE013", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D1D6B61-1F17-4008-9DFB-EF419777768E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2504273-D83D-462E-A8CF-09107517D75D", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*", "matchCriteriaId": "DFB86317-9626-454A-89D3-2B96FDF84CC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:siveillance_control:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5A18694-B44A-424A-8811-0D0E4FD729A8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B79BD779-60A5-43A8-9229-07C11A3167AA", "versionEndIncluding": "9.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en Desigo CC (Todas las versiones con m\u00f3dulo de extensi\u00f3n OIS), GMA-Manager (Todas las versiones con OIS que se ejecutan en Debian 9 o anterior), Operation Scheduler (Todas las versiones con OIS que se ejecutan en Debian 9 o anterior), Siveillance Control (Todas las versiones con OIS que se ejecutan en Debian 9 o anterior), Siveillance Control Pro (Todas las versiones). La aplicaci\u00f3n afectada neutraliza incorrectamente elementos especiales en una petici\u00f3n HTTP GET espec\u00edfica que podr\u00eda conllevar a una inyecci\u00f3n de comandos. Un atacante remoto no autenticado podr\u00eda aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el sistema con privilegios de root"}], "id": "CVE-2021-31891", "lastModified": "2021-09-28T16:48:53.480", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-09-14T11:15:24.023", "references": [{"source": "productcert@siemens.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "productcert@siemens.com", "type": "Primary"}]}